Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Aurora and other such trouble

Slave1

Posted 09 June 2005 - 09:44 PM

Slave1

New Member

Member

6 posts

Hello, I have run the recommended programs in an attempt to clean up my computer. I have Aurora and I’m certain I have other infections as well. Please review my HijackThis log and Ewido log and help me to fix these problems. Much appreciated.

Advertisements

insipid

Posted 16 June 2005 - 05:35 PM

insipid

Visiting Staff

Member

313 posts

I apologize for the delay getting to your log, the helpers here are very busy. If you are still having malware troubles, I will be glad to help. Due to the length of time passed, I need to see a new HijackThis Log.

Now, close all windows including your browser and then click "Fix Checked" in Hijackthis.

Please remove these entries from Add/Remove Programs in the Control Panel(if present):

Ebates_MoeMoneyMaker

Please delete these folders using Windows Explorer(if present):

C:\Program Files\Ebates_MoeMoneyMaker\

Please delete these files using Windows Explorer(if present):

C:/WINDOWS/pcsearch.reg

Next, clean out all the temporary files and cookies on your system. Go to Start > Run and enter: cleanmgr. Let it scan your system for files to remove. Check these three boxes and then press ok to remove: Temporary Files, Temporary Internet Files, Recycle Bin.

Slave1

Posted 24 June 2005 - 02:42 AM

Slave1

New Member

Topic Starter

Member

6 posts

Thank you Insipid for you clear direction and help. Below is the Panda scan report. Housecall had no problems cleaning what it found. I was unable to locate any Ebates_MoeMoneyMaker files or folders and the “pcsearch.reg” was not present either. There is also the latest HJT log.

insipid

Posted 24 June 2005 - 07:37 PM

insipid

Visiting Staff

Member

313 posts

Slave1, that looks much better. You're not running Anti-virus or Firewall software, I strongly urge you to download and install AVG Free Edition and ZoneAlarm Firewall. Links to these excellent free programs can be found in my signature below.

You are using Kazaa. This is not technically malware by itself, but it installs malware in order to run properly and it opens the door for every other nasty program you can think of. I strongly recommend that you remove it. Read this article for alternatives that will provide some of the same function without the garbage: http://www.spywarein...m/articles/p2p/ If you opt to remove it, first use Add/Remove Program to remove it and any reference to Altnet and P2P Networking. Go to your control panel, then to add/remove programs...uninstall P2P networking...If/when asked whether you also want to remove Altnet components, say 'Yes'.P2P Networking is a totally useless Kazaa add-on, and it's been reported to be responsible for serious system slowdowns. You may also want to run KazaaBegone....

Let's get rid of some of those bad files Panda found. Please locate and delete these files:

Slave1

Posted 25 June 2005 - 02:33 AM

Slave1

New Member

Topic Starter

Member

6 posts

Once again thank you insipid. I will shortly be downloading the Anti-virus and firewall programs you have suggested, not having such programs was foolish I know. I chose to remove Kazaa however it was not possible using Add/Remove as none of the references where there (Altnet or P2P or Kazaa). I ran KazaaBeGone and it seems to have worked well. I was also unable to find:C:\WINDOWS\alchem (with the funny symbols) i did findC:\WINDOWS\alchem.inf thoughC:\WINDOWS\Downloaded Program Files\test.inf was the other one i could not find after having run KazaaBeGone.Here is the new HJT log after reboot.

insipid

Posted 25 June 2005 - 09:19 AM

Windows System Restore can and does backup malware files which can then be reinstalled if you ever restore to a previous point. To prevent this, we need to purge your Restore points:

Go to Start->Control Panel->System, System Restore. Click "Turn off System Restore". That will erase all restore points. You will be prompted to reboot. When Windows restarts, immediately go back in and uncheck "Turn off System Restore" to re-enable it. Windows will automatically create a new restore point.

Slave1

Posted 28 June 2005 - 08:52 AM

Slave1

New Member

Topic Starter

Member

6 posts

Hey Insipid, thanks very much for all your help my computer seems to be running much...much better now. No pop-ups at all. I had forgotten what it was like.
However i still have some problems that i need help with for perhaps non Malware related issues. My Internet connection tends to drop out on occasion especially when i run MSN Messenger. I have run most of the internet fixes that i have come across though your help but that doesnt seem to have helped. I also am having this little annoyance with my keyboard where i seem to be able to type faster than it can register (make the words appear) and all my direction keys and delete key will not repeat if i hold it down even though just about every other key will. I also have a problem with using Winamp or any other media player and typing at the same time, if i do this everything really slows down. Its all got me beat, so if you could give me some help or point me in the right direction that would be awesome.
Once again thank you